microsoft-open-hack-containers-v2
Real Time Lab
This environment may only be started from the Cloud Sandbox

  Environment Logins

To connect to the Microsoft portal, launch a browser in guest or in-private mode using the credentials below.

Display Name User Name Password
Hacker One hacker11df@msftopenhack6855ops.onmicrosoft.com
Hacker Two hacker2u6k@msftopenhack6855ops.onmicrosoft.com
Hacker Three hacker30gz@msftopenhack6855ops.onmicrosoft.com
Hacker Four hacker4lvk@msftopenhack6855ops.onmicrosoft.com
Hacker Five hacker56iw@msftopenhack6855ops.onmicrosoft.com
Hacker Six hacker6uo6@msftopenhack6855ops.onmicrosoft.com

Getting Ready for Orchestration

Containers are extremely useful on their own, but their flexibility and potential is multiplied when deployed to an orchestrator. Some of the advantages of deploying your containers to an orchestrator include:

  • Deployment reliability
  • Scaling on demand
  • Better resource utilization and application density

Before getting into the details of what it takes to bring a cluster to production, your CTO would like you to first do a spike to validate your application can be deployed in a Kubernetes environment.

Challenge

At this point, you’ve built the images for the components of your application and made those images available in your private ACR. Your team’s goal in this challenge is to deploy your application to a test Azure Kubernetes Service (AKS) cluster in your Azure subscription.

Focus on making sure your containers are all up and can communicate and reach the necessary Azure services. In particular:

  • tripviewer needs to be able to access the trips and userprofile services

    Note: The Swagger API Documentation links on the homepage of tripviewer will not work at this time. You will add this functionality in a later challenge.

  • Your POI and User (Java) APIs must be reachable (even though they are not accessed by the Trip Viewer application at this stage). Refer to the application documentation for ways to test the endpoints.

    Note: There’s no need to give each API an external IP.

  • All APIs must be able to access the SQL database provided in your Azure subscription. Connection details can be found in the Messages tab of your OpenHack portal.
  • SQL connection information should be stored on the cluster in a Kubernetes Secret and not written directly into the deployment files for each microservice.

Desired Architecture

An architecture diagram showing a Kubernetes cluster and an Azure SQL database. Within the cluster, the TripViewer (Web) container is able to communicate to 4 other containers: POI, Trips, User, and User-Java. Those 4 containers communicate with the Azure SQL database.
An architecture diagram showing a Kubernetes cluster and an Azure SQL database. Within the cluster, the TripViewer (Web) container is able to communicate to 4 other containers: POI, Trips, User, and User-Java. Those 4 containers communicate with the Azure SQL database.

Services will all run in the kubernetes cluster with the TripViewer application making calls to the APIs to get data. Data is stored on an Azure SQL Server which is accessed by the APIs.

Success Criteria

  • Your team successfully created an AKS cluster in Azure
  • Your team must demonstrate that at least one pod for each component of the TripInsights application is running
  • Your team must demonstrate that the components in your cluster can connect to other components or resources:
    • tripviewer is able to access the trips and userprofile services
    • All APIs are able to access the SQL database provided in your Azure subscription
    • The POI and User (Java) APIs are reachable from the TripViewer web app top links (but the APIs do not have to be accessible from outside the AKS cluster)
  • Your team must demonstrate that the components in your cluster are accessing SQL connection information via a Kubernetes Secret.

References

Kubernetes

Azure Kubernetes Service (AKS)

Azure Container Registry (ACR)

Azure

microsoft-open-hack-containers-v2
Overview

OpenHack

Hello and welcome to OpenHack, a challenge oriented hack event from Microsoft. You will be presented with a series of challenges, each one more difficult than the one before.

You should already be assigned to and seated with a team, with whom you will attempt to solve as many challenges as you can within today’s hack time.

You have been assigned a coach who will be your first point of contact, and is here to support you and answer questions during the hack. They will not, however, solve the challenges for you.

You may notice a resource group called teamResources in your Azure subscription. This resource group contains any pre-provisioned resources referenced in the challenges.

The Premise

You work for Humongous Insurance. One of their products provides customers the opportunity to qualify for lower car insurance rates. Customers can do this by opting in to use Humongous Insurance’s TripInsights app, which collects data about their driving habits. Your team has been assigned to modernize the application and move it to the cloud.

The TripInsights application, once a monolith, has been refactored into a number of microservices:

ApplicationArchitecture.png
ApplicationArchitecture.png
  • Trip Viewer WebApp (.NET Core): Your customers use this web application to review their driving scores and trips. The trips are being simulated against the APIs within the OpenHack environment.
  • Trip API (Go): The mobile application sends the vehicle’s on-board diagnostics (OBD) trip data to this API to be stored.
  • Points of Interest API (.NET Core): This API is used to collect the points of the trip when a hard stop or hard acceleration was detected.
  • User Profile API (NodeJS): This API is used by the application to read the user’s profile information.
  • User API (Java): This API is used by the application to create and modify the users.

The source code of all the microservices is available here.

The Challenges

Each challenge will lead you through a stage of the technical investigation as briefly laid out by your fictional CTO. These investigations become more technically challenging as you progress.

We do not provide guides or instructions to solve the challenges, just a few hints and documentation references that you may find useful. There are multiple ways to solve each challenge, and very likely some we haven’t thought of. We’re interested in seeing your own unique solutions to each problem, and you should absolutely work with your coaches and the OpenHack Team to validate your solution as correct.

One final tip: Read everything very carefully

The OpenHack team have worked hard to ensure each problem is solvable. All the details you should need are within the challenge briefs, which are very carefully written and worded to give you clues toward the solution. Reading them fully is the best way to figure out a solution, as small points can be easily missed. Your coaches will help to fill gaps in your understanding, provided you ask them the right questions.


Messages

In order to chat with your group, please enter a name. Do NOT enter your real name or personal data. Preferably use the name assigned to you, i.e. Hacker One.
The user name should be at least three characters long